Title :
On the effectiveness of DDoS attacks on statistical filtering
Author :
Li, Qiming ; Chang, Ee-Chien ; Chan, Mun Choon
Author_Institution :
Temasek Lab., Nat. Univ. of Singapore, Singapore
Abstract :
Distributed denial of service (DDoS) attacks pose a serious threat to service availability of the victim network by severely degrading its performance. Recently, there has been significant interest in the use of statistical-based filtering to defend against and mitigate the effect of DDoS attacks. Under this approach, packet statistics are monitored to classify normal and abnormal behaviour. Under attack, packets that are classified as abnormal are dropped by the filter that guards the victim network. We study the effectiveness of DDoS attacks on such statistical-based filtering in a general context where the attackers are "smart". We first give an optimal policy for the filter when the statistical behaviours of both the attackers and the filter are static. We next consider cases where both the attacker and the filter can dynamically change their behaviour, possibly depending on the perceived behaviour of the other party. We observe that while an adaptive filter can effectively defend against a static attacker, the filter can perform much worse if the attacker is more dynamic than perceived.
Keywords :
Internet; adaptive filters; quality of service; statistical analysis; DDoS; adaptive filter; distributed denial of service attacks; normal classification; optimal policy; service availability; statistical-based filtering; victim network; Adaptive filters; Availability; Computer crime; Computer science; Context-aware services; Degradation; Filtering; Humans; Statistical distributions; Telecommunication traffic;
Conference_Titel :
INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings IEEE
Print_ISBN :
0-7803-8968-9
DOI :
10.1109/INFCOM.2005.1498362
